package com.sneakxy.cloudbase.platform.controller;

import java.util.List;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import com.sneakxy.cloudbase.platform.bean.Permission;
import com.sneakxy.cloudbase.platform.bean.ValidAdd;
import com.sneakxy.cloudbase.platform.bean.ValidEdit;
import com.sneakxy.cloudbase.platform.bean.dto.PermissionDTO;
import com.sneakxy.cloudbase.platform.service.IPermissionService;
import com.sneakxy.cloudbase.platform.service.IRolePermService;
import com.sneakxy.cloudbase.platform.utils.web.BeanHelper;
import com.sneakxy.cloudbase.platform.utils.web.Response;
import com.sneakxy.cloudbase.platform.utils.web.signature.RequireSignature;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import springfox.documentation.annotations.ApiIgnore;

@Api(tags="权限操作服务")
@RestController
@RequestMapping("/api/permission/")
public class PermissionController {

	@Autowired
	private IPermissionService permissionService;
	
	@Autowired
	private IRolePermService rolePermService;
	
	@ApiOperation("权限树信息")
	@RequireSignature
	@RequiresPermissions("sys:perm:manager")
	@PostMapping("tree")
	public Response<List<PermissionDTO>> tree() {
		List<PermissionDTO> result = permissionService.findAllByParentId(true);
		return Response.ok(result);
	}
	
	@ApiImplicitParams({
		@ApiImplicitParam(name="id", value="权限ID", dataType="String", dataTypeClass = String.class, paramType="query", required=true),
		@ApiImplicitParam(name="name", value="权限名称", dataType="String", dataTypeClass = String.class, paramType="query", required=true),
		@ApiImplicitParam(name="memo", value="备注", dataType="String", dataTypeClass = String.class, paramType="query", required=false),
		@ApiImplicitParam(name="parentId", value="上级权限ID", dataType="String", dataTypeClass = String.class, paramType="query", required=false),
		@ApiImplicitParam(name="sort", value="权限排序", dataType="int", dataTypeClass = Integer.class, paramType="query", required=true)
	})
	@ApiOperation("添加权限")
	@RequireSignature
	@RequiresPermissions("sys:perm:manager:add")
	@PostMapping("add")
	public Response<PermissionDTO> add(
			@Validated(ValidAdd.class)
			@ApiIgnore 
			PermissionDTO dto) {
		if(!validate(dto.getId()).getData()) {
			return Response.fail(1);
		}
		//去空格
		BeanHelper.trimToEmpty(dto);
		dto.setParentId(StringUtils.trimToNull(dto.getParentId()));
		
		Permission perm = PermissionDTO.to(dto);
		perm.setNew(true);
		perm = permissionService.save(perm);
		return Response.ok(PermissionDTO.from(perm));
	}
	
	@ApiOperation("校验权限")
	@RequireSignature
	@RequiresPermissions("sys:perm:manager:add")
	@PostMapping("validate")
	public Response<Boolean> validate(
			@ApiParam(name="id", value="权限ID", required = true)
			@RequestParam(name="id")
			String id) {
		return Response.ok(!permissionService.exists(id));
	}
	
	@ApiImplicitParams({
		@ApiImplicitParam(name="id", value="权限ID", dataType="String", dataTypeClass = String.class, paramType="query", required=true),
		@ApiImplicitParam(name="name", value="权限名称", dataType="String", dataTypeClass = String.class, paramType="query", required=true),
		@ApiImplicitParam(name="memo", value="备注", dataType="String", dataTypeClass = String.class, paramType="query", required=false),
		@ApiImplicitParam(name="sort", value="权限排序", dataType="int", dataTypeClass = Integer.class, paramType="query", required=true)
	})
	@ApiOperation("权限信息修改")
	@RequireSignature
	@RequiresPermissions("sys:perm:manager:edit")
	@PostMapping("edit")
	public Response<PermissionDTO> edit(
			@Validated(ValidEdit.class)
			@ApiIgnore 
			PermissionDTO dto) {
		//去空格
		BeanHelper.trimToEmpty(dto);
		
		Permission perm = PermissionDTO.to(dto);
		perm.setNew(false);
		perm.setParentId(null);
		perm = permissionService.save(perm);
		
		return Response.ok(PermissionDTO.from(perm));
	}
	
	@ApiOperation("权限删除")
	@RequireSignature
	@RequiresPermissions("sys:perm:manager:remove")
	@PostMapping("remove")
	public Response<Integer> remove(
			@ApiParam(name="id", value="权限ID", required = true)
			@RequestParam(name="id")
			String id) {
		String permId = StringUtils.trimToEmpty(id);
		if(StringUtils.isNotBlank(permId) && 
				permissionService.removeCascad(permId)) {
			return Response.ok();
		}
		return Response.fail(1);
	}
	
	@ApiOperation("查询单个权限信息")
	@RequireSignature
	@PostMapping("one")
	public Response<PermissionDTO> one(
			@ApiParam(name="id", value="权限ID", required = true)
			@RequestParam(name="id")
			String id) {
		Permission perm = permissionService.findOne(id);
		return Response.ok(perm, PermissionDTO::from);
	}
	
	@ApiOperation("查询权限列表")
	@RequireSignature
	@PostMapping("permissions")
	public Response<List<String>> permissions(
			@ApiParam(name="roles", value="角色ID集合", required = true)
			@RequestParam(name="roles")
			List<String> roles) {
		return Response.ok(rolePermService.findPermissions(roles));
	}
	
}
